Hybrid Post-Quantum Key Exchange in wolfSSL 5.8.0
Release 5.8.0 of our wolfSSL library implements hybrid key exchange algorithms that combine conventional elliptic curve cryptography with post-quantum key encapsulation mechanisms (KEMs).
New Hybrid Groups: Combining elliptic curves (SECP256/384/521, X25519, X448) with ML-KEM. This provides compatibility with Chromium and other organizations that are together with wolfSSL leading the way in post-quantum migration. Some of the new hybrid groups were already done in previous releases. Here is the complete list of hybrid key exchange groups in TLS 1.3:
- WOLFSSL_P256_ML_KEM_512
- WOLFSSL_P384_ML_KEM_768
- WOLFSSL_P256_ML_KEM_768
- WOLFSSL_P521_ML_KEM_1024
- WOLFSSL_P384_ML_KEM_1024
- WOLFSSL_X25519_ML_KEM_512
- WOLFSSL_X25519_ML_KEM_768
- WOLFSSL_X448_ML_KEM_768
The new release includes comprehensive test configurations demonstrating how to use these new hybrid groups in TLS 1.3 connections. Go ahead and start thwarting the “Harvest Now, Decrypt Later” threat model that is currently in play.
If you have questions about any of the above, please contact us at facts@wolfSSL.com or call us at +1 425 245 8247.
Download wolfSSL Now
Live Webinar: wolfHSM with PQC: Preparing Hardware Security Modules for the Post-Quantum Era
Join wolfSSL Senior Software Developer Anthony Hu for a deep dive into how Hardware Security Modules (HSMs) must evolve to meet the challenges of the post-quantum era.
Register Today: wolfHSM with PQC: Preparing Hardware Security Modules for the Post-Quantum Era
Date: May 14th | 9 AM PT
The world is moving toward post-quantum cryptography (PQC), and embedded security can’t afford to fall behind. Even HSMs—built to provide strong, hardware-level protection—now face new risks. Systems with long product lifecycles and fixed cryptographic algorithms are especially vulnerable to future quantum threats.
In this webinar, wolfSSL Senior Software Developer Anthony Hu will help explore what it takes to implement post-quantum readiness in embedded HSMs, and how to transition your systems to stay secure in the years ahead.
What you’ll learn in this PQC webinar:
- Explore the “harvest now, decrypt later” threat and the risks quantum computers pose to existing cryptographic algorithms.
- Discover how HSMs support PQC algorithms and ensure secure key management for embedded systems.
- Learn best practices for integrating post-quantum readiness into your HSMs and staying ahead of evolving cryptographic standards.
- Learn how wolfHSM architecture meets both current and future cryptographic standards to safeguard your embedded systems.
Learn how to prepare your embedded systems for quantum-resistant encryption and stay ahead of emerging security standards.
As always, our webinar will include Q&A throughout. If you have questions about any of the above, please contact us at facts@wolfSSL.com or call us at +1 425 245 8247.
Download wolfSSL Now
wolfSSL visits Radiona in Zagreb
We at wolfSSL would like to thank Goran Mahovlic and the entire Radiona team for inviting us to their headquarters in Zagreb, Croatia! We enjoyed the opportunity to present information on one of our flagship products, wolfBoot, during the recent OpenHardware Meet-up. The hospitality was outstanding and greatly appreciated!
Radiona is home to the awesome ULX3S FPGA + ESP32 board, first introduced to the general public by our friends over at the Crowd Supply Campaign and now available from Mouser Electronics.
Radiona embodies the true STEAM Spirit. So much more than the open source hardware is the community of passionate makers, students, engineers, and more. These people from all over the world participate in the Zagreb Makerspace and FER: the Faculty of Electrical Engineering and Computing at the University of Zagreb in Croatia.
A new and exciting board is also in the works from the collaboration between Radiona and Intergalaktik: the ULX4M! This is another open source FPGA board that has a CM4 connector for the many Raspberry Pi Carrier boards that accept a Compute Module.
The ULX3S is the only board (that we know of!) that is not only open source, but includes both open source FPGA and ESP32 projects, all on one board. Check out some of the many projects available.
New and exciting features will soon be added to the ULX3S, leveraging some of the features of the ESP32-S3. See the development README doc.
There’s extensive wolfSSL support for the ESP32, including not only Espressif ESP-IDF with optional Managed Components but also Arduino, PlatformIO, and more.
[gojimmypi] has several blogs on using wolfSSL with the ULX3S: Perhaps you’d like to SSH into the ESP32 on your ULX3S? That example leverages the core Espressif wolfSSH in the wolfssl-examples SSH-to-UART project.
The ULX3S could also be integrated into the Apple HomeKit ecosystem.
Interested in getting Started with wolfSSL on the ESP32? Check out our YouTube video:
See our prior blog about using the ULX3S FPGA to create your own soft-core RISC-V, the same Hazard3 core used on the Raspberry Pi Pico 2 RP2350.
Meet Us at Events:
- Upcoming wolfSSL events
- CYSAT Europe | May 14-15
- Barcelona Cybersecurity Congress | May 21-23
- Upcoming Radiona events
For more information:
- wolfSSL Docs
- wolfSSL Manual
- Other ESP32 blogs
- Learn more about Radiona and wolfSSL.
Post Quantum
Do you have code that can be upgraded to Post Quantum? Read our recent blog to learn more!
FIPS Certified!
When you are ready to move on to the next step, wolfSSL will be there for you! Need to have your project NIST Certified? Recently we announced that wolfSSL is the First in the World to offer FIPS 140–3 Automated Submission with our NIST Certificate #4718.
Find out more:
If you have any feedback, questions, or require support, please don’t hesitate to reach out to us via facts@wolfSSL.com, call us at +1 425 245 8247, or open an issue on GitHub
Download wolfSSL Now
wolfBoot release: v.2.5.0
We are pleased to announce the release of wolfBoot 2.5.0, the newest version of our universal secure bootloader. This release marks another milestone in the continued evolution of wolfBoot, reinforcing its relevance as a cutting-edge secure boot solution for embedded systems. WolfBoot 2.5.0 brings expanded hardware support, major new features, and a host of improvements to performance and security, all while maintaining the simplicity and robustness our users expect.
New hardware targets and platform enhancements
wolfBoot 2.5.0 expands its hardware compatibility, adding support for several new platforms and improving existing targets. Notable additions and enhancements include:
- New target support: wolfBoot now supports the Raspberry Pi RP2350 microcontroller, NXP’s MCX family (including the MCXA153 and MCXW716 series), and the STMicroelectronics STM32F1 series. These additions extend wolfBoot’s reach from the latest Pi Pico 2 board to NXP’s advanced Cortex-M33 based MCUs and even legacy STM32F1 devices (like the popular “blue-pill” board), demonstrating once again our team’s commitment to maximize device coverage.
- Enhanced support: Existing platform ports have been refined for better stability and performance, notably for the Xilinx UltraScale+ MPSoC (ZynqMP), Renesas RX family, and Infineon AURIX TriCore TC3xx microcontrollers. Developers using ZynqMP devices will benefit from smoother integration (e.g. improved standalone boot support and exception level handling), while updates to the Renesas RX and AURIX TC3xx ports include more efficient flash management and boot-time reliability improvements. These platform enhancements make it easier and more efficient to deploy wolfBoot on a wider range of hardware.
Major new features and enhancements
Version 2.5.0 introduces several important features aimed at both simplifying the developer experience and strengthening security:
- Non-contiguous ELF section support: wolfBoot can now load and verify firmware images with non-contiguous (scattered) ELF sections. In practical terms, this means the bootloader handles images that are split across multiple memory regions, accommodating complex memory maps and multi-part firmware layouts. This feature adds flexibility for projects that utilize segmented flash or RAM areas for their application code and data.
- Streamlined PQC integration: Post-Quantum Cryptography support in wolfBoot has been simplified and updated. WolfBoot 2.5.0 includes the latest PQC algorithm support from wolfCrypt (such as the recently standardized ML-DSA) and makes it easier to configure PQC-based signature verification. By refining the integration of PQC algorithms, we continue to help users prepare for a post-quantum future without sacrificing ease of use.
- Static library build option: In addition to the traditional standalone bootloader binary, wolfBoot can now be built as a static library (libwolfboot.a). This gives developers the flexibility to integrate wolfBoot’s secure boot functionality directly into their applications or custom boot frameworks. The static-lib build simplifies certain use cases — for example, linking wolfBoot into a monolithic firmware image or using wolfBoot features in an RTOS environment — by allowing wolfBoot to be called like a library rather than a separate bootloader image.
- Glitch attack mitigation (IAR toolchain): Security against hardware fault-injection attacks (glitches) has been further hardened in this release. We’ve extended our glitch mitigation techniques to better support the IAR Embedded Workbench toolchain, ensuring that builds compiled with IAR include additional countermeasures against timing and voltage glitch attacks. These low-level improvements make the secure boot process even more resilient to physical attack attempts, protecting the integrity of the firmware verification steps.
Build system and documentation improvements
wolfBoot 2.5.0 comes with numerous build system refinements and documentation updates to streamline development. We have refactored the CMake build system to improve cross-platform support and clarity, making it easier to compile wolfBoot for various targets and toolchains. This includes cleaner integration for IAR and other compilers, as well as a more organized project structure for out-of-the-box builds. Additionally, our documentation has been improved across the board – from updated user manuals and API references to new examples and guides – to help both new and experienced users get the most out of wolfBoot. Whether you’re configuring a multi-slot update scheme or integrating wolfBoot with a TPM, the clearer documentation will guide you through the process more smoothly. (As always, detailed change logs and usage instructions can be found in the README and docs accompanying the release.)
Bug fixes and updated modules
As with every release, wolfBoot 2.5.0 includes key bug fixes that enhance stability and reliability. Various minor issues identified in the previous version have been addressed, resulting in a more robust bootloader across all supported platforms. In particular, fixes were applied to edge cases in flash memory handling and update workflows to ensure consistent behavior in all update scenarios.
Moreover, the cryptographic and secure hardware modules underlying wolfBoot have been updated to their latest versions. wolfBoot 2.5.0 is powered by wolfSSL 5.8.0 – bringing in the newest optimizations and post-quantum enhancements from the wolfCrypt engine – and it can integrate with wolfTPM 3.9.0 for TPM-based secure boot use cases. By using the latest wolfSSL v5.8.0 and wolfTPM v3.9.0 releases, wolfBoot ensures compatibility with the most up-to-date security features and fixes from those libraries. This means developers get improved performance, up-to-date cryptographic algorithms, and continued FIPS 140-3 readiness through wolfCrypt.
wolfBoot’s security is, as always, built on wolfCrypt, which allows the boot process to leverage FIPS-certified crypto and even meet safety standards like DO-178C when required. Upgrading to wolfBoot 2.5.0 brings all these benefits into your secure boot process.
Getting wolfBoot 2.5.0 and support
wolfBoot 2.5.0 is available for download now, and we encourage everyone to try out the new features and improvements. You can find the source code and release package on our GitHub repository and the wolfSSL download page. Documentation for this release, including an updated user manual and examples, is available on our website to help you get started quickly.
If you have any questions about wolfBoot 2.5.0 or need help with integration, please contact us at facts@wolfSSL.com or call us at +1 425 245 8247. The wolfSSL team offers commercial support and consulting services for those who require dedicated assistance or custom features. Whether you are upgrading an existing project or designing a new device with wolfBoot, our team is here to ensure your secure boot implementation is successful.
Download wolfSSL Now
Test Certificates in Production: KeyPlug’s WolfSSL Misconfiguration Leads to Infrastructure Exposure
Summary
A critical security incident exposed KeyPlug malware infrastructure due to the improper use of wolfSSL test certificates in production. The 24-hour exposure revealed sophisticated attack tools linked to the RedGolf/APT41 threat group, demonstrating how poor certificate management can compromise even advanced threat actors’ operations.
The Certificate Failure
The compromised server was identified through its WolfSSL test certificate:
Subject Common Name: www[.]wolfssl[.]com Subject Organizational Unit: Support_1024 Issuer Organizational Unit: Consulting_1024 SHA-256: 4C1BAA3ABB774B4C649C87417ACAA4396EBA40E5028B43FADE4C685A405CC3BF
Critical Issues
- Test Certificate Misuse
- Production use of wolfssl.com test domain
- Weak 1024-bit keys (indicated by “_1024” suffix)
- Certificate sharing across multiple attack servers
- Security Impact
- Exposed Fortinet exploitation tools and C2 infrastructure
- Enabled infrastructure correlation through shared certificates
- Compromised operational security of advanced threat actors
Best Practices for WolfSSL Implementation
To avoid security lapses like the one described, it’s critical to follow best practices when deploying wolfSSL in production environments. The following guidelines focus on certificate requirements, security controls, and monitoring techniques:
Production Deployments
- Certificate Requirements
- Use only trusted CA-issued certificates
- Implement minimum 2048-bit RSA keys
- Maintain proper validation chains
- Security Controls
- Never use test certificates in production
- Implement certificate pinning
- Regular certificate rotation
Monitoring and Detection
- Certificate Auditing
- Regular infrastructure scans
- Certificate inventory management
- Automated validation checks
- Warning Signs
- Domains containing “wolfssl.com”
- Organizational units with test indicators
- Key sizes below 2048 bits
- Invalid trust chains
Recommendations
To mitigate risk and ensure strong certificate hygiene, both WolfSSL users and security teams should take immediate action. Below are tailored recommendations for each group:
Immediate Actions
- For WolfSSL Users
- Audit all certificates
- Remove test certificates
- Implement CA-issued certificates
- Verify proper key lengths
- For Security Teams
- Monitor for test certificate usage
- Implement certificate validation
- Regular infrastructure scanning
- Maintain certificate inventory
Conclusion
Organizations must maintain strict separation between development and production certificates and implement proper certificate management policies to prevent similar exposures.
Please do not use wolfSSL test certificates in production because the corresponding private keys are published as part of the wolfSSL source code package, so by design, these certificates are insecure. The test certificate private keys are public!
Source:
- KeyPlug-Linked Server Briefly Exposes Fortinet Exploits, Webshells, and Recon Activity Targeting a Major Japanese Company
- Exposed KeyPlug Malware Staging Server Contains Fortinet Firewall and VPN Exploitation Scripts
If you have questions about any of the above, please contact us at facts@wolfSSL.com or call us at +1 425 245 8247.
Download wolfSSL Now
Announcing wolfMQTT v1.20.0: Now with WebSocket Support
We are excited to announce the release of wolfMQTT v1.20.0, which introduces WebSocket support as its headline feature. This release continues our commitment to providing a lightweight, secure, and feature-rich MQTT client implementation for embedded systems and IoT applications.
What’s New in v1.20.0
The wolfMQTT v1.20.0 release includes several significant enhancements:
WebSocket Support
The most notable addition in this release is comprehensive support for MQTT over WebSockets. This feature allows wolfMQTT clients to connect to MQTT brokers through WebSocket endpoints, which is particularly valuable in environments where traditional MQTT ports might be blocked or when integrating with web applications.
Both standard WebSockets and secure WebSockets (WSS) are now supported, providing flexibility for various security requirements:
- Standard WebSockets: Connect to brokers using the WebSocket protocol without encryption
- Secure WebSockets: Use TLS to encrypt the WebSocket connection for enhanced security
Secure WebSocket CI Testing
To ensure the reliability of the new WebSocket functionality, we’ve added continuous integration testing specifically for secure WebSockets. This testing helps maintain the high quality and stability that users expect from wolfMQTT.
Improved CMake Support
This release includes improvements to the CMake build system:
- Enhanced duplicate component checking in CMake builds
- Better compatibility with the latest Managed Components
Additional Improvements
- Updated examples for the latest Managed Components
- Fixed an issue with OQS’s Mosquitto being out of date
About wolfMQTT
wolfMQTT is a lightweight, embedded MQTT client implementation written in C that supports SSL/TLS via the wolfSSL library. It was built from the ground up to be multi-platform, space conscious, and extensible. The library supports:
- MQTT v3.1.1 and v5.0 protocols
- MQTT-SN (MQTT for Sensor Networks)
- Quality of Service (QoS) levels 0-2
- TLS encryption via wolfSSL
- Non-blocking communications
- Multithreading for parallel operations
- Integration with popular IoT platforms (AWS IoT, Azure IoT Hub, IBM Watson IoT)
Getting wolfMQTT v1.20.0
The wolfMQTT v1.20.0 release is available now on our download page and GitHub.
Release 1.20.0 has been developed according to wolfSSL’s development and QA process and successfully passed the quality criteria.
Check out the ChangeLog for a full list of features and fixes, or contact us at facts@wolfSSL.com with any questions.
While you’re there, show us some love and give the wolfMQTT project a Star!
You can download the latest wolfMQTT release from our website or clone directly from our GitHub repository.
If you have questions about any of the above, please contact us at facts@wolfSSL.com or call us at +1 425 245 8247.
Download wolfSSL Now
Live Webinar: Advanced libcurl with Daniel Stenberg
Looking to master libcurl beyond the basics? Join Daniel Stenberg, creator of curl, for a live webinar on May 8th at 10 AM PT, focused on advanced libcurl techniques for real-world use.
This live webinar is ideal for developers integrating libcurl into performance-critical applications or anyone ready to explore libcurl APIs in depth.
Register Now: Advanced libcurl
Date: May 8th | 10 AM PT
What You’ll Learn:
- Libcurl debugging best practices
- Setting up complex transfer configurations
- Using transfer control for precision workflow
- Managing concurrent transfers with the Multi API
- Sharing resources through the Share API
- Simplifying URLs with the URL API
- Managing HTTP headers through the Headers API
This practical session will help you optimize, debug, and scale your data transfers. Whether you’re looking to manage concurrent transfers or dive into advanced libcurl APIs, this webinar will provide the expert guidance you need.
Register now to reserve your spot and learn from the creator of curl.
As always, our webinar will include Q&A throughout. If you have questions about any of the above, please contact us at facts@wolfSSL.com or call us at +1 425 245 8247.
Download wolfSSL Now
Chimera Certificate Standards Compliance
In the evolving landscape of cryptographic security, supporting multiple signature algorithms within a single certificate has become increasingly important. These certificates are known as Chimera certificates, a moniker coined by the X9.146 banking standards team. They provide enhanced security, flexibility, and agility, especially for the transition to post-quantum cryptography. As well, wolfSSL also understands the new TLS 1.3 CKS extension as defined by the X9.146 banking standard draft.
Chimera certificates are X.509 certificates that contain two public keys and signatures. These certificates are implemented through the use of three extensions:
- Subject Alternative Public Key Info (SAPKI): Contains an alternative public key
- Alternative Signature Algorithm: Specifies the algorithm used for the alternative signature
- Alternative Signature Value: Contains the actual bitstring of the alternative signature
In X.509 certificates, extensions can be marked as either “critical” or “non-critical.” Critical extensions MUST be understood and processed by the certificate validator. If a validator doesn’t recognize a critical extension, it MUST reject the certificate. Non-critical extensions can be safely ignored if not understood.
Before release 5.8.0, wolfSSL’s dual algorithm certificate implementation did not properly support the parsing of these extensions if they were marked as Critical. This was because the whole purpose of these extensions was to facilitate migration by allowing unmigrated systems to ignore the alternative public key and signatures. In that context, marking these extensions as critical made no sense.
That said, these extensions are standardized in the 2019 edition of the ITU-T X.509 standard. In that document, under recognition that there might be other future applications for these extensions, marking these extensions as critical is permitted.
The addition of critical extension support for Chimera certificates extensions represents an important compliance step. Without standards, interoperability would not be possible.
As the cryptographic landscape continues to evolve, especially with the ongoing transition to post-quantum algorithms, enhancements such as Chimera certificate support will become increasingly valuable. wolfSSL continues to demonstrate its commitment to providing a robust, standards-compliant, and forward-looking cryptographic library.
If you have question about any of the above, please contact us at >a href=”mailto”facts@wolfssl.com”>facts@wolfSSL.com or call us at +1 425 245 8247.
Download wolfSSL Now
wolfProvider Integration with nginx: Secure Your Web Server with wolfSSL FIPS Cryptography
Securing web servers with robust cryptography is essential in today’s threat landscape. wolfProvider offers a seamless way to enhance nginx security by integrating wolfSSL’s high-performance cryptographic implementations through OpenSSL’s provider framework. This integration allows nginx to leverage wolfSSL’s FIPS cryptography without modifying code.
What is wolfProvider?
wolfProvider is an OpenSSL provider that integrates the wolfCrypt FIPS cryptographic library with OpenSSL’s provider framework. It allows applications using the OpenSSL API, such as nginx, to seamlessly leverage wolfSSL’s FIPS approved cryptographic implementations without modifying application code.
Supported nginx Versions
Our continuous integration testing confirms compatibility with the following nginx versions:
nginx master branch
nginx release-1.27.4
Key Benefits for nginx users
- Enhanced Security: Access to wolfSSL’s FIPS 140-2/3 validated cryptographic modules for compliance requirements
- Optimized Performance: Benefit from wolfSSL’s highly optimized cryptographic implementations
- Seamless Integration: No modifications to nginx or openssl, a simple config file change enables new wolfProvider integration
- Comprehensive Algorithm Support: Full suite of modern cryptographic algorithms including:
- AES (128/192/256-bit with ECB, CBC, CTR, GCM, CCM modes)
- RSA, RSA-PSS for signing, verification, and key operations
- ECC with ECDSA and ECDH support
- SHA-1, SHA-2, and SHA-3 family hash functions
Testing and Verification
Our GitHub Actions workflows automatically test the integration to validate the following functionality:
TLS handshakes complete successfully
HTTP/2 connections work properly
Stream and mail modules function correctly
All cryptographic operations perform as expected
Stay updated with wolfProvider for ongoing enhancements! If you have questions about any of the above, please contact us at facts@wolfSSL.com or call us at +1 425 245 8247.
Download wolfSSL Now
wolfSSL Inc. SP800-140C, SP800-140D and Post-Quantum efforts update!
This is an update to previous post wolfSSL Inc. SP800-140C and Post-Quantum efforts update!
The National Institute of Standards and Technology (NIST) has recently updated its guidelines, enabling the certification of several post-quantum cryptographic algorithms through the Cryptographic Module Validation Program (CMVP). Notably, the digital signature algorithms ML-DSA (CRYSTALS-Dilithium), SLH-DSA, LMS, and XMSS are now fully certifiable under the updated SP800-140C standards. Similarly ML-KEM (CRYSTALS-Kyber) is fully certifiable under the updated SP800-140D standards!
In response to these developments, wolfSSL Inc. is proactively planning submissions to the CMVP for all except SLH-DSA. (If you would like to see SLH-DSA included please let us know sooner than later before we submit!)
wolfSSL Inc. has a strong track record in cryptographic module validation, having previously achieved FIPS 140-3 Certificate #4718 for its wolfCrypt Module, the world’s first SP 800-140Br1 validated certificate.
By staying ahead of regulatory changes and actively engaging in the certification process, wolfSSL continues to demonstrate its commitment to providing robust and compliant cryptographic solutions in the evolving landscape of post-quantum security.
As a reminder, be sure the January 1st, 2026 ESV soft transition does not catch you unprepared. The deadline for mandatory ESV validation across all FIPS modules is rapidly approaching. Leverage wolfSSL’s proven expertise to navigate this critical shift. Engage our staff now to architect a robust roadmap and guarantee a successful post-2026 FIPS compliance strategy!
We’d love to hear your feedback or input on this subject please do not hesitate to contact us at support@wolfSSL.com or fips@wolfSSL.com anytime!
If you have questions about any of the above, please contact us at facts@wolfSSL.com or +1 425 245 8247.
Download wolfSSL Now